Trojaner-Board - Werbung trotz Addblocker Plus. Funktioniert nicht.

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Werbung trotz Addblocker Plus. Funktioniert nicht. (https://www.trojaner-board.de/148029-werbung-trotz-addblocker-plus-funktioniert.html)

Werbung trotz Addblocker Plus. Funktioniert nicht.

Hallo,

ich habe seid wenigen Tagen Werbung bei GMX und Google, sprich diese sickert trotz Addblocker Plus durch. Andere Addblocker habe ich versucht hinzuzufügen in CHrome. Jedoch kommt die Meldung. "Es ist ein Fehler aufgetreten" Habe mich auch an und abgemeldet. Nun habe ich hier bei ähnlichem Thema gelesen, dass man mit Farbar's Recovery Scan Tool scannen sollte. Die habe ich getan und das ist rausgekommen: (vl. kann mir jemand helfen, wie ich das system generell verbessern kann):
FRST Logfile:
FRST Logfile:
[CODE]Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-01-2014 03
Ran by artpc (administrator) on ARTPC-PC on 16-01-2014 14:59:24
Running from C:\Documents
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe
(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
() C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(GGS) C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
() C:\ProgramData\OptimizerPro\OptimizerPro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-08] (Realtek Semiconductor)
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [BullGuard] - C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2074424 2013-04-01] (BullGuard Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [VKSaver] - C:\ProgramData\VKSaver\VKSaver.exe [224768 2012-12-25] (AudioVkontakte.ru)
HKLM\...\Run: [PowerManager] - c:\program files\power manager\pm.exe [1716224 2008-09-25] ()
HKLM\...\Run: [Google EULA Launcher] - c:\program files\google\google eula\googleeulalauncher.exe [20480 2008-05-28] ( )
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2013-09-12] (RealNetworks, Inc.)
HKCU\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1140736 2013-10-19] (Spotify Ltd)
HKCU\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [574296 2012-03-06] (IObit)
HKCU\...\Policies\Explorer: [NoInstrumentation] 1
MountPoints2: {0fba91ea-9ead-11e2-bf22-c8529e82fa0a} - H:\LGAutoRun.exe
MountPoints2: {71232dde-fcf2-11e2-b800-b11a8659bce7} - H:\LGAutoRun.exe
MountPoints2: {a932f1d6-b261-11e2-b29c-e784838dda10} - H:\LGAutoRun.exe
HKU\Art\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Art\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Art\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [ 2012-03-06] (IObit)
HKU\Art\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Art\...\Run: [Spotify Web Helper] - C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-10-19] (Spotify Ltd)
HKU\Art\...\Run: [Driver Detective] - C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\Art\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-03-27] (Google Inc.)
HKU\Art\...\Run: [PCSpeedUp] - C:\Program Files\PC Speed Up\PCSUNotifier.exe
HKU\artpc\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\artpc\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe
HKU\artpc\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
AppInit_DLLs: c:\progra~2\vksaver\vksaver3.dll bggamingmonitor.dll bggamingmonitor.dll BgGamingMonitor.dll [ ] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yandex.ru/?win=98&clid=1992445
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - URL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}
SearchScopes: HKLM - TopResultURLFallback hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}
SearchScopes: HKLM - TopResultURL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}
SearchScopes: HKCU - DefaultScope 3F6F3209E124BA4C26377C509D8F5EEA URL = hxxp://yandex.ru/yandsearch?win=98&clid=1992446&text={searchTerms}
SearchScopes: HKCU - 3F6F3209E124BA4C26377C509D8F5EEA URL = hxxp://yandex.ru/yandsearch?win=98&clid=1992446&text={searchTerms}
SearchScopes: HKCU - Moikrug URL = hxxp://moikrug.ru/persons/?clid=931354&charset=utf-8&keywords={searchTerms}&submitted=1
SearchScopes: HKCU - yandex.ru-091235 URL = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {79813DF5-0052-4742-997A-7D5E469E055A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}
SearchScopes: HKCU - {B46BD4CA-CE7D-494D-89F3-026154A7E58A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10399&src=kw&q={searchTerms}&locale=de_NL&apn_ptnrs=^ABX&apn_dtid=^YYYYYY^YY^NL&apn_uid=bbfa1368-ff22-41d4-82c9-13664f8e93d3&apn_sauid=9A32AB0A-AF58-4F1F-B0DE-3390EAEAD2BF
SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} - No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: BGAntiphishingBHO Class - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} - No File
Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} - No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 02 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 03 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 04 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 05 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 06 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 07 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 08 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 09 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 10 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Winsock: Catalog9 21 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)
Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62

FireFox:
========
FF ProfilePath: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF user.js: detected! => C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\user.js
FF Homepage: hxxp://www.yandex.ru/?win=98&clid=1992445
FF DefaultSearchEngine: Yandex
FF SelectedSearchEngine: Yandex
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=12.0.1.633 - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\askcomsearch.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-193631.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\fcmdSrchstonicde.xml
FF Extension: Download and Sa - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com [2012-11-30]
FF Extension: Savings Sidekick - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\crossriderapp5060@crossrider.com [2012-08-03]
FF Extension: Babylon - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\ffxtlbr@babylon.com [2012-08-03]
FF Extension: incredibar.com - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\ffxtlbr@incredibar.com [2012-08-03]
FF Extension: OneClickDownloader - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\OneClickDownload@OneClickDownload.com [2012-08-03]
FF Extension: No Name - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\staged [2012-03-21]
FF Extension: Яндекс.Бар - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\yasearch@yandex.ru [2011-06-21]
FF Extension: Спутник @Mail.Ru - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} [2012-03-21]
FF Extension: No Name - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-09-10]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011-01-08]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-12]
FF HKLM\...\Firefox\Extensions: [50b8e6d5b3b61@50b8e6d5b3b9a.com] - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com
FF Extension: Download and Sa - C:\Users\artpc.artpc-PC\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\extensions\50b8e6d5b3b61@50b8e6d5b3b9a.com [2012-11-30]
FF HKLM\...\Firefox\Extensions: [antiphishing@bullguard] - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\
FF Extension: BullGuard Antiphishing Toolbar - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\FF\antiphishing@bullguard\ []
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-04-26]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKCU\...\Thunderbird\Extensions: [{380AE6CB-09B9-4373-B360-D01C2462A6E7}] - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin
FF Extension: BullGuard Backup - C:\Program Files\BullGuard Ltd\BullGuard\backup\thunderbirdbkplugin [2013-04-01]
FF HKCU\...\Thunderbird\Extensions: [{0E810812-F4BB-4309-942A-755587587A5E}] - C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter
FF Extension: BullGuard Spamfilter - C:\Program Files\BullGuard Ltd\BullGuard\Spamfilter\TbSpamfilter [2013-04-01]

Chrome:
=======

CHR Plugin: (Shockwave Flash) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Google Update) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Extension: (Adblock Plus) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.2_0 [2013-12-20]
CHR Extension: (RealDownloader) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.3_0 [2013-09-28]
CHR Extension: (Stealthy) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje\3.0.1_0 [2013-09-28]
CHR Extension: (Google Wallet) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1 [2014-01-08]
CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [hoadhbnmkdpkhaacbeegdnjoannbhdkd] - C:\ProgramData\Download and Sa\hoadhbnmkdpkhaacbeegdnjoannbhdkd.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-12-10]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-11-28]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2012-11-28]
CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2012-11-28]
CHR HKLM\...\Chrome\Extension: [nkcpopggjcjkiicpenikeogioednjeac] - C:\Users\artpc.artpc-PC\AppData\Local\Temp\nkcpopggjcjkiicpenikeogioednjeac.crx [2012-11-28]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-28]
CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2012-11-28]
CHR HKCU\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2012-11-28]
CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-11-28]
CHR HKCU\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2012-11-28]
CHR StartMenuInternet: Google Chrome - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdvancedSystemCareService5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-10] (APN LLC.)
S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [122760 2013-04-01] (BullGuard Ltd.)
R2 BsBrowser; C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll [58248 2013-04-01] (BullGuard Ltd.)
R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [272216 2013-04-01] (BullGuard Ltd.)
R2 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [384344 2013-04-01] (BullGuard Ltd.)
R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll [175496 2013-04-01] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [171136 2013-04-01] (BullGuard Ltd.)
R3 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [305032 2013-04-01] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [357504 2013-04-01] (BullGuard Ltd.)
R2 FSCLBaseUpdaterService; C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe [65536 2007-06-04] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Thorn; C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe [36664 2013-10-17] (GGS)

==================== Drivers (Whitelisted) ====================

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)
R1 afw; C:\Windows\System32\DRIVERS\afw.sys [29208 2013-03-28] (Agnitum Ltd.)
R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [318488 2013-03-28] (Agnitum Ltd.)
S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)
R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [58592 2013-04-01] (BullGuard Ltd.)
S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)
R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)
R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)
R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)
S3 Profos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [14720 2010-07-08] (BitDefender S.R.L.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)
S3 Thetta; C:\Windows\System32\DRIVERS\Thetta32.sys [205656 2013-12-17] (Windows (R) Win 7 DDK provider)
S3 Trufos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\trufos.sys [39808 2010-07-08] (BitDefender S.R.L.)
R1 WINIO; C:\Windows\system32\WinIo.sys [9336 2007-01-04] (hxxp://www.internals.com)
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]
S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]
S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-16 14:58 - 2014-01-16 14:58 - 00000000 ____D C:\FRST
2014-01-15 13:49 - 2014-01-15 13:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-15 02:59 - 2014-01-16 13:41 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN
2014-01-15 02:58 - 2014-01-15 02:58 - 00001605 _____ C:\Users\artpc.artpc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BS.lnk
2014-01-15 02:58 - 2014-01-15 02:58 - 00001581 _____ C:\Users\artpc.artpc-PC\Desktop\BS.lnk
2014-01-14 16:40 - 2014-01-14 16:40 - 00000754 _____ C:\Users\artpc.artpc-PC\Desktop\GameNet.lnk
2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet
2014-01-14 16:39 - 2014-01-16 13:52 - 00000000 ____D C:\Program Files\QGNA
2014-01-14 16:39 - 2013-12-17 15:06 - 00205656 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Thetta32.sys
2014-01-10 12:24 - 2014-01-10 12:24 - 00000368 _____ C:\Windows\PFRO.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-16 14:58 - 2014-01-16 14:58 - 00000000 ____D C:\FRST
2014-01-16 14:58 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-16 14:58 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-16 14:51 - 2013-09-21 18:42 - 00000392 ____H C:\Windows\Tasks\User_Feed_Synchronization-{F28FB0E6-C1A5-46AB-97DA-C5159556C201}.job
2014-01-16 14:46 - 2012-05-27 15:23 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA.job
2014-01-16 14:44 - 2013-03-28 21:52 - 00057688 _____ C:\Windows\system32\config\afw_hm.conf
2014-01-16 14:44 - 2013-03-28 21:52 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2014-01-16 14:17 - 2012-04-23 14:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-16 13:55 - 2010-03-15 15:56 - 01136564 _____ C:\Windows\WindowsUpdate.log
2014-01-16 13:53 - 2013-03-28 20:56 - 00000000 ____D C:\ProgramData\BullGuard
2014-01-16 13:52 - 2014-01-14 16:39 - 00000000 ____D C:\Program Files\QGNA
2014-01-16 13:48 - 2012-08-03 00:07 - 00000374 ____H C:\Windows\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C}.job
2014-01-16 13:41 - 2014-01-15 02:59 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN
2014-01-16 13:40 - 2011-05-31 00:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2014-01-16 13:40 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-16 03:46 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 03:15 - 2008-08-14 03:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-16 03:12 - 2013-08-15 14:26 - 00000000 ____D C:\Windows\system32\MRT
2014-01-16 03:04 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-16 01:19 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing
2014-01-15 19:46 - 2012-05-27 15:23 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core.job
2014-01-15 13:49 - 2014-01-15 13:49 - 00000000 ____D C:\ProgramData\boost_interprocess
2014-01-15 02:58 - 2014-01-15 02:58 - 00001605 _____ C:\Users\artpc.artpc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\BS.lnk
2014-01-15 02:58 - 2014-01-15 02:58 - 00001581 _____ C:\Users\artpc.artpc-PC\Desktop\BS.lnk
2014-01-14 18:00 - 2013-03-19 14:55 - 00000440 _____ C:\Windows\Tasks\SpeedMaxPc Registration3.job
2014-01-14 16:40 - 2014-01-14 16:40 - 00000754 _____ C:\Users\artpc.artpc-PC\Desktop\GameNet.lnk
2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet
2014-01-13 21:39 - 2008-01-21 08:16 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-12 12:57 - 2013-05-01 20:11 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\LG Electronics
2014-01-10 12:24 - 2014-01-10 12:24 - 00000368 _____ C:\Windows\PFRO.log
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
2013-12-24 02:30 - 2013-03-19 14:55 - 00000398 _____ C:\Windows\Tasks\SpeedMaxPc Update3.job
2013-12-22 21:06 - 2013-02-08 02:49 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify
2013-12-22 20:43 - 2013-02-08 02:49 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\Spotify
2013-12-18 16:31 - 2013-02-24 00:49 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-18 16:31 - 2013-02-24 00:49 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-17 22:43 - 2011-09-10 23:33 - 00000000 ____D C:\ProgramData\IObit
2013-12-17 15:06 - 2014-01-14 16:39 - 00205656 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\Thetta32.sys

Some content of TEMP:
====================
C:\Users\artpc.artpc-PC\AppData\Local\Temp\avgnt.exe
C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup23156.exe
C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup28070.exe
C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup8773.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

oder auch noch was anderes auch mit FRST, kenne mich leider nicht aus aber vl. sagt es was?:FRST Additions Logfile:

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-01-2014 03

Ran by artpc at 2014-01-16 15:02:01

Running from C:\Documents

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AV: BullGuard Antivirus (Enabled - Up to date) {504FFF66-3028-EB7E-2E60-62B19ADD791C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: BullGuard Antispyware (Enabled - Up to date) {EB2E1E82-1612-E4F0-14D0-59C3E15A33A1}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: BullGuard Firewall (Disabled) {68747E43-7A47-EA26-053F-CB84640E3E67}
 

==================== Installed Programs ======================
 

 Update for Microsoft Office 2007 (KB2508958) (Version:  - Microsoft)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden

4500_G510gm_Help (Version: 000.0.439.000 - Hewlett-Packard) Hidden

4500G510gm (Version: 000.0.423.000 - Hewlett-Packard) Hidden

4500G510gm_Software_Min (Version: 000.0.423.000 - Hewlett-Packard) Hidden

7-Zip 9.20 (Version:  - )

Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden

Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated)

Adobe Download Assistant (Version: 1.0.6 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (Version: 11.6.7.637 - Adobe Systems, Inc.)

Advanced SystemCare 5 (Version: 5.2.0 - IObit)

ALPS Touch Pad Driver (Version:  - )

AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden

AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)

ArcSoft MediaImpression HD Edition (Version: 3.5.255.985 - ArcSoft)

Ask Toolbar (Version: 12.9.1.17 - APN, LLC) <==== ATTENTION

Audacity 1.3.13 (Unicode) (Version:  - Audacity Team)

Avira Free Antivirus (Version: 14.0.2.286 - Avira)

BS.ru (Version: 1.0 - Global Gamers Solution ©)

BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden

BullGuard (Version: 9.0 - BullGuard Ltd.)

CCleaner (Version: 4.01 - Piriform)

Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000 - Microsoft Corporation)

Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (Version: 130.0.372.000 - Hewlett-Packard) Hidden

Digital Video Repair 1.0 (Version:  - )

DivX-Setup (Version: 2.6.1.84 - DivX, LLC)

DocMgr (Version: 130.0.000.000 - Ihr Firmenname) Hidden

DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden

Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden

FSCLounge (Version: 1.0.0 - Fujitsu Siemens Computers)

Google Chrome (Version: 32.0.1700.76 - Google Inc.)

GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden

HP Customer Participation Program 13.0 (Version: 13.0 - HP)

HP Document Manager 2.0 (Version: 2.0 - HP)

HP Imaging Device Functions 13.0 (Version: 13.0 - HP)

HP Officejet 4500 G510g-m (Version: 13.0 - HP)

HP Smart Web Printing 4.5 (Version: 4.5 - HP)

HP Solution Center 13.0 (Version: 13.0 - HP)

HP Update (Version: 5.003.001.001 - Hewlett-Packard)

HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden

HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden

Intel(R) Graphics Media Accelerator Driver (Version:  - )

Intel(R) Network Connections Drivers (Version:  - )

IObit Apps Toolbar v7.6 (Version: 7.6 - Spigot, Inc.) <==== ATTENTION

Java 7 Update 45 (Version: 7.0.450 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

LG Bluetooth Drivers (Version: 1.1 - LG Electronics)

LG PC Suite (Version: 5.3.10.20131107 - LG Electronics)

LG United Mobile Driver (Version: 3.10.1.0 - LG Electronics)

MAGIX Video deluxe 2013 (Version: 12.0.0.32 - MAGIX AG) Hidden

MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden

Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Works (Version: 9.7.0621 - Microsoft Corporation)

MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)

neroxml (Version: 1.0.0 - Nero AG) Hidden

Network (Version: 130.0.374.000 - Hewlett-Packard) Hidden

OCR Software by I.R.I.S. 13.0 (Version: 13.0 - HP)

OpenOffice.org 3.3 (Version: 3.3.9567 - OpenOffice.org)

PDF Architect (Version: 1.1.83.9982 - pdfforge GmbH)

PDFCreator (Version: 1.7.0 - pdfforge)

Picasa 3 (Version: 3.9 - Google, Inc.)

Power Manager 2.8.4 (Version: 2.8.4 - FIC, Inc.)

QGNA (Version: 1.36.719.0 - Global Gamers Solutions ©)

RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden

RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden

RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden

RealPlayer (Version: 16.0.3 - RealNetworks)

Realtek High Definition Audio Driver (Version: 6.0.1.5618 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden

Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden

Shop for HP Supplies (Version: 13.0 - HP)

Smart Defrag 2 (Version: 2.7 - IObit)

SmartWebPrinting (Version: 130.0.373.000 - Hewlett-Packard) Hidden

SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden

Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)

Spotify (Version: 0.9.4.185.g7545a404 - Spotify AB)

Status (Version: 130.0.373.000 - Hewlett-Packard) Hidden

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden

TrayApp (Version: 130.0.376.000 - Hewlett-Packard) Hidden

Update for 2007 Microsoft Office System (KB967642) (Version:  - Microsoft)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (Version:  - Microsoft)

VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden

VCRedistSetup (Version: 1.0.0 - Nero AG) Hidden

VKMusic 4 (Version: 4.56 - )

VLC media player 2.0.5 (Version: 2.0.5 - VideoLAN)

WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden

WiFi HotSpot Creator (Version: 2.0.0 - DanuSoft)

Windows Media Player Firefox Plugin (Version: 1.0.0.8 - Microsoft Corp)

WinRAR 4.20 (32-Bit) (Version: 4.20.0 - win.rar GmbH)

xp-AntiSpy 3.98-2 (Version:  - Christian Taubenheim)
 

==================== Restore Points  =========================
 

10-01-2014 13:09:37 Geplanter Prüfpunkt

11-01-2014 16:22:07 Geplanter Prüfpunkt

12-01-2014 15:52:01 Geplanter Prüfpunkt

15-01-2014 03:14:43 Geplanter Prüfpunkt

16-01-2014 02:01:42 Windows Update
 

==================== Hosts content: ==========================
 

2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {0050265D-4EA6-4D24-A4C4-6CD150C59E89} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {0757B605-B1FE-4D84-98D6-CC19727FD233} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.)

Task: {14AA24C1-75C1-43CE-82C3-9182E90B6A3B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {1E0DF468-3C26-44F9-9931-6BAE39B3B7FF} - System32\Tasks\ASC4_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe

Task: {2A2FD524-8E7F-44E1-A2E1-3CF6B6F0A351} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files\Real\RealPlayer\update\realsched.exe [2013-09-12] (RealNetworks, Inc.)

Task: {2AA9C7EC-2C74-4BA9-9030-510C8FCA92E8} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {34E1C497-1501-4922-837C-FD14A51015DC} - System32\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C} => C:\ProgramData\OptimizerPro\OptimizerPro.exe [2012-08-03] () <==== ATTENTION

Task: {3B65512E-8CB7-4314-A478-8299B37DA59E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {462BF972-FB1C-4815-B763-3F0D60537115} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.)

Task: {558C6BA7-3CA3-4733-AFBC-3201DECAC446} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [2012-12-11] (IObit)

Task: {5D53DF66-6FAF-43B7-845F-278C2D9DD02B} - System32\Tasks\SpeedMaxPc Update3 => C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe

Task: {71EA1767-DCC8-4042-8377-78F951DACE8D} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)

Task: {735AF642-57DF-4C31-B214-650AA799792C} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {77FAEC25-AEB1-460B-B3B5-AD321AC8E226} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\system32\FlashPlayerUpdateService.exe

Task: {7EC41868-827F-4ABB-B64C-B1A990709B01} - System32\Tasks\VKSaverUpdate => C:\ProgramData\VKSaver\VKSaver.exe [2012-12-25] (AudioVkontakte.ru)

Task: {8331A07D-0EC2-452A-B4B3-F11C75EB1AF1} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe

Task: {8E2577CD-6217-46D8-9FBC-0F696B485B09} - System32\Tasks\SpeedMaxPc Registration3 => Rundll32.exe "C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll" RunUns

Task: {8F38313F-4110-41E9-963A-DCEBC0154C40} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe [2012-09-06] (IObit)

Task: {9E9B6439-437F-4EB1-B9F2-17A70819DEBB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {AC6F9E9C-8EBB-4215-BE16-51BFE2646DED} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe

Task: {ACDCD493-59F7-463D-B64D-4037FF9FCBF3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup

Task: {B368B0AF-A887-42FD-8FBE-A205E720FC4B} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {BD7B197A-0347-43A9-827C-57D39CD38309} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)

Task: {CCCC2426-AF6F-48CB-8C26-8F915ADA1C13} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe

Task: {D5D19CC3-E7DF-4A53-8BB7-A1099D0158DE} - System32\Tasks\Google Updater and Installer => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-27] (Google Inc.)

Task: {D97B1DC3-D3C5-44A0-9C45-17A6BD613C61} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)

Task: {DE5D3EC7-23BB-4FC6-9996-A71C787E9466} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {E8BAB889-3F96-4FA5-AB78-8FCAD15232F9} - System32\Tasks\GameNet => C:/Program Files/QGNA/qgna.exe [2014-01-09] (GGS)

Task: {ECC33EB1-F4D6-443A-91CA-90DC8EF2189A} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\system32\FlashPlayerUpdateService.exe

Task: {EE3CD7D1-34EF-4A23-B222-A1C813234535} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1947843536-1629178341-672044078-1000 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)

Task: {F8084A72-B47B-4EEE-BF06-0548E29D970A} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core.job => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA.job => C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\OptimizerProUpdaterTask{9B360689-EE64-4AB1-941E-48EE2C16979C}.job => C:\ProgramData\OptimizerPro\OptimizerPro.exe <==== ATTENTION

Task: C:\Windows\Tasks\SpeedMaxPc Registration3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll

Task: C:\Windows\Tasks\SpeedMaxPc Update3.job => C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe

Task: C:\Windows\Tasks\User_Feed_Synchronization-{F28FB0E6-C1A5-46AB-97DA-C5159556C201}.job => C:\Windows\system32\msfeedssync.exe
 

==================== Loaded Modules (whitelisted) =============
 

2013-02-25 01:48 - 2011-08-19 16:33 - 00047960 _____ () C:\Program Files\IObit\Smart Defrag 2\NtfsData.dll

2012-05-14 18:46 - 2011-11-10 21:43 - 00103256 _____ () C:\Program Files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu.dll

2014-01-08 00:48 - 2014-01-07 05:05 - 04055320 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\pdf.dll

2014-01-08 00:48 - 2014-01-07 05:05 - 00399640 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ppGoogleNaClPluginChrome.dll

2014-01-08 00:48 - 2014-01-07 05:04 - 01634584 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\ffmpegsumo.dll

2014-01-08 10:17 - 2014-01-08 10:17 - 04591616 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libglesv2.dll

2014-01-08 10:17 - 2014-01-08 10:17 - 00112128 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\SwiftShader\1.0.5.0\libegl.dll

2014-01-08 00:48 - 2014-01-07 05:05 - 13615896 _____ () C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.72\PepperFlash\pepflashplayer.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:07F6D9E4

AlternateDataStreams: C:\ProgramData\TEMP:A8665DF4

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
 

==================== Safe Mode (whitelisted) ===================
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service"
 

==================== Faulty Device Manager Devices =============
 

Name: Microsoft-6zu4-Adapter #17

Description: Microsoft-6zu4-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 

Name: isatap.{C87FB976-F093-4DE7-8353-1B8379184E8B}

Description: Microsoft-ISATAP-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)

Resolution: Update the driver
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (01/16/2014 01:42:21 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/15/2014 06:06:10 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/15/2014 06:05:12 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".

Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (01/14/2014 02:07:02 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/13/2014 05:04:56 PM) (Source: SideBySide) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".

Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
 

Error: (01/13/2014 05:04:52 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/12/2014 00:11:32 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/11/2014 02:51:09 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/10/2014 05:06:31 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/10/2014 00:25:47 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (01/16/2014 01:52:17 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT-AUTORITÄT)

Description: artpc-PC\artpc24360
 

Error: (01/16/2014 03:46:09 AM) (Source: DCOM) (User: )

Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}
 

Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: )

Description: Windows Search%%1053
 

Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: )

Description: 30000Windows Search
 

Error: (01/16/2014 03:14:35 AM) (Source: Service Control Manager) (User: )

Description: Windows Search%%1053
 

Error: (01/16/2014 03:14:34 AM) (Source: Service Control Manager) (User: )

Description: 30000Windows Search
 

Error: (01/16/2014 03:14:34 AM) (Source: DCOM) (User: )

Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 

Error: (01/13/2014 05:07:41 PM) (Source: Microsoft-Windows-Bits-Client) (User: NT-AUTORITÄT)

Description: artpc-PC\artpc22260
 

Error: (01/11/2014 03:36:39 AM) (Source: DCOM) (User: )

Description: {6295DF2D-35EE-11D1-8707-00C04FD93327}
 

Error: (01/10/2014 02:51:34 PM) (Source: Dhcp) (User: )

Description: Die Lease dieses Computers zu der IP-Adresse 192.168.100.2 über die Netzwerkkarte mit der Netzwerkadresse 00140B60C635 ist verloren gegangen.
 
 

Microsoft Office Sessions:

=========================
 

CodeIntegrity Errors:

===================================

  Date: 2014-01-16 15:01:44.386

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:43.863

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:43.341

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:42.145

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:41.621

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:41.073

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:40.524

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:39.966

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:15.608

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-01-16 15:01:15.088

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\Thetta32.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 69%

Total physical RAM: 3032.18 MB

Available physical RAM: 927.63 MB

Total Pagefile: 6302.62 MB

Available Pagefile: 3129.48 MB

Total Virtual: 2047.88 MB

Available Virtual: 1888.43 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:67.37 GB) (Free:0.87 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

Drive d: (DATA) (Fixed) (Total:156.73 GB) (Free:0.36 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 233 GB) (Disk ID: D56DB547)

Partition 1: (Not Active) - (Size=9 GB) - (Type=07 NTFS)

Partition 2: (Active) - (Size=67 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=157 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---
könnte ihr vl mitteilen ob es gefährlich sein könnte wenn man so ein scann postet? Danke im Voraus. Gruß

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

http://www.trojaner-board.de/picture...&pictureid=307

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Danke für die Antwort.
zum ANfang, was sind die logfiles? wie gesagt kenne mich nicht so aus.. wo soll ich die anhängen? und warum vorher in ein ZIP, RAR, 7Z-Archive zu packen?
Gruss

Zitat:

Zitat von lola25 (Beitrag 1232744)

Danke für die Antwort.
zum ANfang, was sind die logfiles? wie gesagt kenne mich nicht so aus.. wo soll ich die anhängen? und warum vorher in ein ZIP, RAR, 7Z-Archive zu packen?
Gruss

und ich bitte genauer zu erklären: Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke .
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Genauer kann man das eigentlich nicht erklären, is Schritt für Schritt. Was genau verstehst Du nicht oder wo hängst Du? dann kann ich erklären :)

Also:
Posten in CODE-Tags:- Was posten? in welche code Tags?

Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit: was sind logfiles? warum wollen Sie es in ZIP packen? es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
welche logfiles genau soll ich markieren? Ich habe zwei Abschnitte gepostet..
Klicke im Editor auf das #-Symbol: genauer bitte, in welche Editor, habe gegoogelt, verstehe nicht, sorry für die Umstände.
Malwarebytes Anti-Malware habe ich installiert und durchlaufen lassen.. Funde entfernt.
Hier sind zwei Berichte:
1:2014/01/16 21:27:07 +0100 ARTPC-PC artpc MESSAGE Executing scheduled update: Daily
2014/01/16 21:27:18 +0100 ARTPC-PC artpc MESSAGE Starting protection
2014/01/16 21:27:18 +0100 ARTPC-PC artpc MESSAGE Protection started successfully
2014/01/16 21:27:18 +0100 ARTPC-PC artpc MESSAGE Starting IP protection
2014/01/16 21:27:41 +0100 ARTPC-PC artpc MESSAGE Scheduled update executed successfully: database updated from version v2013.04.04.07 to version v2014.01.16.06
2014/01/16 21:27:41 +0100 ARTPC-PC artpc MESSAGE IP Protection started successfully
2014/01/16 21:27:41 +0100 ARTPC-PC artpc MESSAGE Starting database refresh
2014/01/16 21:27:41 +0100 ARTPC-PC artpc MESSAGE Stopping IP protection
2014/01/16 21:27:42 +0100 ARTPC-PC artpc MESSAGE IP Protection stopped successfully
2014/01/16 21:27:47 +0100 ARTPC-PC artpc MESSAGE Database refreshed successfully
2014/01/16 21:27:47 +0100 ARTPC-PC artpc MESSAGE Starting IP protection
2014/01/16 21:27:55 +0100 ARTPC-PC artpc MESSAGE IP Protection started successfully
2014/01/16 23:04:57 +0100 ARTPC-PC artpc IP-BLOCK 78.140.143.48 (Type: outgoing, Port: 63798, Process: chrome.exe)
2014/01/16 23:06:59 +0100 ARTPC-PC artpc IP-BLOCK 78.140.163.135 (Type: outgoing, Port: 63976, Process: chrome.exe)
2014/01/16 23:48:15 +0100 ARTPC-PC artpc DETECTION C:\ProgramData\OptimizerPro\OptimizerPro.exe Trojan.Dropper QUARANTINE
2014/01/16 23:48:16 +0100 ARTPC-PC artpc ERROR Quarantine failed: DeleteFile failed with error code 5

2:
2014/01/17 01:29:16 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50058, Process: chrome.exe)
2014/01/17 01:29:18 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50059, Process: chrome.exe)
2014/01/17 01:29:18 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50060, Process: chrome.exe)
2014/01/17 01:29:18 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50061, Process: chrome.exe)
2014/01/17 01:29:18 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50062, Process: chrome.exe)
2014/01/17 01:29:18 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50063, Process: chrome.exe)
2014/01/17 01:29:26 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50118, Process: chrome.exe)
2014/01/17 01:29:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50127, Process: chrome.exe)
2014/01/17 01:30:25 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50159, Process: chrome.exe)
2014/01/17 01:30:25 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50160, Process: chrome.exe)
2014/01/17 01:30:25 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50161, Process: chrome.exe)
2014/01/17 01:30:25 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50166, Process: chrome.exe)
2014/01/17 01:38:23 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50231, Process: chrome.exe)
2014/01/17 01:38:23 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 50232, Process: chrome.exe)
2014/01/17 03:51:44 +0100 ARTPC-PC artpc IP-BLOCK 78.140.163.135 (Type: outgoing, Port: 52290, Process: chrome.exe)
2014/01/17 03:52:41 +0100 ARTPC-PC artpc IP-BLOCK 88.85.70.189 (Type: outgoing, Port: 52357, Process: chrome.exe)
2014/01/17 03:52:42 +0100 ARTPC-PC artpc IP-BLOCK 78.140.163.135 (Type: outgoing, Port: 52404, Process: chrome.exe)
2014/01/17 03:53:47 +0100 ARTPC-PC artpc IP-BLOCK 78.140.143.48 (Type: outgoing, Port: 52421, Process: chrome.exe)
2014/01/17 03:53:47 +0100 ARTPC-PC artpc IP-BLOCK 78.140.143.48 (Type: outgoing, Port: 52422, Process: chrome.exe)
2014/01/17 03:53:47 +0100 ARTPC-PC artpc IP-BLOCK 78.140.143.48 (Type: outgoing, Port: 52440, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52548, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52605, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52611, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52612, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52613, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52616, Process: chrome.exe)
2014/01/17 03:54:35 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52618, Process: chrome.exe)
2014/01/17 03:54:43 +0100 ARTPC-PC artpc IP-BLOCK 88.208.33.4 (Type: outgoing, Port: 52687, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52704, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52705, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52706, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52713, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52714, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52715, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52716, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52717, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52718, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52720, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52721, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52722, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52723, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52724, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52725, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52726, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52728, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52729, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52730, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52731, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52733, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52734, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52735, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52736, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52737, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52738, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52740, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52742, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52743, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52744, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52745, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52746, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52747, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52748, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52749, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52750, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52751, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52752, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52753, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52755, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52756, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52757, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52758, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52760, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52761, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52762, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52763, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52764, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52766, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52767, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52768, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52769, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52770, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52771, Process: chrome.exe)
2014/01/17 03:55:00 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52772, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52773, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52775, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52776, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52777, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52778, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52779, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52780, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52781, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52782, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52783, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52784, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52785, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52789, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52790, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52791, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52792, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52793, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52794, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52795, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52796, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52797, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52798, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52799, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52800, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52801, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52802, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52803, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52804, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52805, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52806, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52807, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52808, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52809, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52810, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52811, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52812, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52813, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52814, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52815, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52816, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52817, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52818, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52819, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52820, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52821, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52822, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52823, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52824, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52825, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52826, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52827, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52828, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52829, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52830, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52831, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52832, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52833, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52834, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52835, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52836, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52837, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52838, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52839, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52840, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52841, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52842, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52843, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52844, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52845, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52846, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52847, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52848, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52849, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52850, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52851, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52858, Process: chrome.exe)
2014/01/17 03:55:01 +0100 ARTPC-PC artpc IP-BLOCK 78.140.142.55 (Type: outgoing, Port: 52860, Process: chrome.exe)
2014/01/17 04:09:59 +0100 ARTPC-PC (null) MESSAGE Starting protection
2014/01/17 04:09:59 +0100 ARTPC-PC (null) MESSAGE Protection started successfully
2014/01/17 04:09:59 +0100 ARTPC-PC (null) MESSAGE Starting IP protection
2014/01/17 04:10:06 +0100 ARTPC-PC (null) MESSAGE IP Protection started successfully
2014/01/17 13:42:50 +0100 ARTPC-PC (null) MESSAGE Executing scheduled update: Daily
2014/01/17 13:42:57 +0100 ARTPC-PC (null) MESSAGE Starting protection
2014/01/17 13:42:57 +0100 ARTPC-PC (null) MESSAGE Protection started successfully
2014/01/17 13:42:57 +0100 ARTPC-PC (null) MESSAGE Starting IP protection
2014/01/17 13:43:01 +0100 ARTPC-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2014.01.16.06 to version v2014.01.17.03
2014/01/17 13:43:08 +0100 ARTPC-PC (null) MESSAGE IP Protection started successfully
2014/01/17 13:43:08 +0100 ARTPC-PC (null) MESSAGE Starting database refresh
2014/01/17 13:43:08 +0100 ARTPC-PC (null) MESSAGE Stopping IP protection
2014/01/17 13:43:08 +0100 ARTPC-PC (null) MESSAGE IP Protection stopped successfully
2014/01/17 13:43:13 +0100 ARTPC-PC (null) MESSAGE Database refreshed successfully
2014/01/17 13:43:13 +0100 ARTPC-PC (null) MESSAGE Starting IP protection
2014/01/17 13:43:22 +0100 ARTPC-PC artpc MESSAGE IP Protection started successfully
2014/01/17 14:47:57 +0100 ARTPC-PC (null) MESSAGE Starting protection
2014/01/17 14:47:57 +0100 ARTPC-PC (null) MESSAGE Protection started successfully
2014/01/17 14:47:58 +0100 ARTPC-PC (null) MESSAGE Starting IP protection
2014/01/17 14:48:04 +0100 ARTPC-PC (null) MESSAGE IP Protection started successfully

Das von ADW cleaner poste ich noch. Danke schonmal.

Textdatei von Adwcleaner:AdwCleaner Logfile:

Code:

# AdwCleaner v3.017 - Bericht erstellt am 17/01/2014 um 19:08:38

# Aktualisiert 12/01/2014 von Xplode

# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

# Benutzername : artpc - ARTPC-PC

# Gestartet von : C:\Documents\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\boost_interprocess

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D53DF66-6FAF-43B7-845F-278C2D9DD02B}

[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E2577CD-6217-46D8-9FBC-0F696B485B09}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout

Schlüssel Gelöscht : HKCU\Software\filescout

Schlüssel Gelöscht : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar

Schlüssel Gelöscht : HKLM\Software\Speedchecker Limited

Schlüssel Gelöscht : HKLM\Software\Uniblue

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
 

***** [ Browser ] *****
 

-\\ Internet Explorer v7.0.6002.18005
 
 

-\\ Mozilla Firefox v
 

-\\ Google Chrome v
 

*************************
 

AdwCleaner[R0].txt - [11722 octets] - [24/10/2013 19:59:49]

AdwCleaner[R1].txt - [833 octets] - [24/10/2013 20:39:23]

AdwCleaner[R2].txt - [1105 octets] - [25/10/2013 13:45:50]

AdwCleaner[R3].txt - [2860 octets] - [17/01/2014 19:06:17]

AdwCleaner[S0].txt - [11371 octets] - [24/10/2013 20:01:16]

AdwCleaner[S1].txt - [893 octets] - [24/10/2013 20:40:25]

AdwCleaner[S2].txt - [1169 octets] - [25/10/2013 13:47:19]

AdwCleaner[S3].txt - [2791 octets] - [17/01/2014 19:08:38]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2851 octets] ##########

--- --- ---

Ich würde gerne wissen ob durch Veröffenlichung d. Daten irgendwelche Riseken gibt. Gruss

Ich würde noch gerne wissen ob es bei der Veröffentlichung der Daten irgendwelche Risiken gibt. Gruss

Inhalt von Junkware Removal Tool:

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{B46BD4CA-CE7D-494D-89F3-026154A7E58A}

~~~ Files

Successfully deleted: [File] "C:\Users\artpc.artpc-PC\appdata\locallow\SkwConfig.bin"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\ProgramData\optimizerpro"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\pccustubinstaller"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\pdfforge"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\local\apn"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\babylontoolbar"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\facemoods.com"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\incredibar.com"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Users\artpc.artpc-PC\appdata\locallow\surfcanyon"

~~~ FireFox

Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\user.js
Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\askcom.xml
Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\askcomsearch.xml
Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\delta.xml
Successfully deleted: [File] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\searchplugins\searchtheweb.xml
Successfully deleted: [Folder] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\ffxtlbr@babylon.com
Successfully deleted: [Folder] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\crossriderapp5060@crossrider.com
Successfully deleted: [Folder] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\ffxtlbr@incredibar.com
Successfully deleted: [Folder] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\oneclickdownload@oneclickdownload.com
Successfully deleted: [Folder] C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\extensions\staged
Successfully deleted the following from C:\Users\artpc.artpc-PC\AppData\Roaming\mozilla\firefox\profiles\nahd6ha2.default\prefs.js

user_pref("extensions.asktb.ff-original-keyword-url", "");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.01.2014 at 20:31:52,59
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und was ist ein FRST?

Noch eine Frage.
Ich habe die Click&Clean App installiert. Dann habe "persönlich Daten löschen" durchgeführt. Seid dem kann ich keine "minimierte" Fenster öffnen. Bzw. gibt es ja im Email Posteingang bei GMX rechts ein kleinen Quadrat, so lässt sich eine Email in eine extra Fenster öffnen. Nun funktioniert es nicht mehr und emails können nur in einem Fenster geöffnet werden. Woran liegt es. Wäre super wenn Sie einen Rat hätten. Gruß

Da sind keine sensiblen Daten drin in den Logfiles. Du hast die Logs jetzt einfach so gepostet. Folge doch enfach der Anleitung zum Posten in Codetags, und pack jedes Logfile zwischen das Code und /Code.

Zitat:

Ich habe die Click&Clean App installiert. Dann habe "persönlich Daten löschen" durchgeführt. Seid dem kann ich keine "minimierte" Fenster öffnen. Bzw. gibt es ja im Email Posteingang bei GMX rechts ein kleinen Quadrat, so lässt sich eine Email in eine extra Fenster öffnen. Nun funktioniert es nicht mehr und emails können nur in einem Fenster geöffnet werden. Woran liegt es. Wäre super wenn Sie einen Rat hätten. Gruß

Warum machst Du sowas? Du hast die Sachen gelöscht, also auch alle Einstellungen. Musste jetzt alles nochmal neu einstellen bzw reparieren.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Haben den die bisherigen lofiles was gebracht?
hier die von SecurityCheck:
Results of screen317's Security Check version 0.99.79
Windows Vista Service Pack 2 x86 (UAC is enabled)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
BullGuard Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
CCleaner
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.170
Adobe Reader 9 Adobe Reader out of Date!
Adobe Reader 10.1.9 Adobe Reader out of Date!
Google Chrome 32.0.1700.72
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

ich würde noch gerne wissen, ob man den Ordner "Neurecht" mit DLL und dil Dataien löschen kann?

Was für ein Ordner? Wo ist der? Schau doch mal in die Logs was wir alles gelöscht haben. Tonnen an Material.

Java, Adobe und unbedingt Windows updaten. Frisches FRST log fehlt. Noch Probleme?

hier das aktuelle FRST:
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-01-2014

Ran by artpc (administrator) on ARTPC-PC on 22-01-2014 09:50:33

Running from C:\Documents

Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard

Internet Explorer Version 7

Boot Mode: Normal
 

The only official download link for FRST:

Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 

Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forums
 

==================== Processes (Whitelisted) ===================
 

(IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe

(AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe

(ArcSoft Inc.) C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

() C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe

(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe

() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

(GGS) C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(AudioVkontakte.ru) C:\ProgramData\VKSaver\VKSaver.exe

() C:\Program Files\Power Manager\PM.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe

(Microsoft Corporation) C:\Windows\ehome\ehtray.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(IObit) C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe

(IObit) C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe

(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

(Intel Corporation) C:\Windows\System32\igfxsrvc.exe

(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\sdclt.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-18] (Avira Operations GmbH & Co. KG)

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [6139904 2008-05-08] (Realtek Semiconductor)

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [BullGuard] - C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [2074424 2013-04-01] (BullGuard Ltd.)

HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [VKSaver] - C:\ProgramData\VKSaver\VKSaver.exe [224768 2012-12-25] (AudioVkontakte.ru)

HKLM\...\Run: [PowerManager] - c:\program files\power manager\pm.exe [1716224 2008-09-25] ()

HKCU\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-27] (Google Inc.)

HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)

HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)

HKCU\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [574296 2012-03-06] (IObit)

HKCU\...\Policies\Explorer: [NoInstrumentation] 1

MountPoints2: {0fba91ea-9ead-11e2-bf22-c8529e82fa0a} - H:\LGAutoRun.exe

MountPoints2: {71232dde-fcf2-11e2-b800-b11a8659bce7} - H:\LGAutoRun.exe

MountPoints2: {a932f1d6-b261-11e2-b29c-e784838dda10} - H:\LGAutoRun.exe

HKU\Art\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Art\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-21] (Microsoft Corporation)

HKU\Art\...\Run: [Advanced SystemCare 5] - C:\Program Files\IObit\Advanced SystemCare 5\ASCTray.exe [ 2012-03-06] (IObit)

HKU\Art\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-21] (Microsoft Corporation)

HKU\Art\...\Run: [Spotify Web Helper] - C:\Users\artpc.artpc-PC\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [ 2013-10-19] (Spotify Ltd)

HKU\Art\...\Run: [Driver Detective] - C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false

HKU\Art\...\Run: [Google Update] - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-03-27] (Google Inc.)

HKU\Art\...\Run: [PCSpeedUp] - C:\Program Files\PC Speed Up\PCSUNotifier.exe

HKU\artpc\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\artpc\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe

HKU\artpc\...\Run: [fsc-reg] - c:\fsc-reg\fscreg.exe

HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\system32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

AppInit_DLLs: c:\progra~2\vksaver\vksaver3.dll => C:\ProgramData\VKSaver\vksaver3.dll [60928 2012-12-25] (AudioVkontakte.ru)

AppInit_DLLs: bggamingmonitor.dll => C:\Windows\system32\bggamingmonitor.dll [98128 2010-04-23] (BullGuard Ltd.)

AppInit_DLLs: bggamingmonitor.dll => C:\Windows\system32\bggamingmonitor.dll [98128 2010-04-23] (BullGuard Ltd.)

AppInit_DLLs: BgGamingMonitor.dll => C:\Windows\system32\BgGamingMonitor.dll [98128 2010-04-23] (BullGuard Ltd.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKLM - URL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}

SearchScopes: HKLM - TopResultURLFallback hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}

SearchScopes: HKLM - TopResultURL hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}

SearchScopes: HKCU - 3F6F3209E124BA4C26377C509D8F5EEA URL = hxxp://yandex.ru/yandsearch?win=98&clid=1992446&text={searchTerms}

SearchScopes: HKCU - Moikrug URL = hxxp://moikrug.ru/persons/?clid=931354&charset=utf-8&keywords={searchTerms}&submitted=1

SearchScopes: HKCU - yandex.ru-091235 URL = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=25448460&q={searchTerms}

SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear

SearchScopes: HKCU - {79813DF5-0052-4742-997A-7D5E469E055A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms}

SearchScopes: HKCU - {E88E0043-C9D4-4e33-8555-FEE4F5B63060} URL = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb

BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)

BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)

BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)

BHO: No Name - {D5FEC983-01DB-414a-9456-AF95AC9ED7B5} -  No File

BHO: BGAntiphishingBHO Class - {FC872B94-35E3-4B94-B028-184A2A1C7CCE} - C:\Program Files\BullGuard Ltd\BullGuard\Antiphishing\IE\BGAntiphishingIEBHO.dll (BullGuard Ltd.)

BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)

Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File

Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File

Toolbar: HKCU - No Name - {09152F0B-739C-4DEC-A245-1AA8A37594F1} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

Winsock: Catalog9 01 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 02 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 03 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 04 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 05 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 06 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 07 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 08 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 09 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 10 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Winsock: Catalog9 21 C:\Windows\system32\BGLsp.dll [150848] (BullGuard Ltd.)

Tcpip\Parameters: [DhcpNameServer] 82.212.62.62 78.42.43.62
 

Chrome: 

=======

CHR HomePage: hxxp://www.gmx.net/

CHR Plugin: (Shockwave Flash) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll ()

CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Java(TM) Platform SE 7 U7) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)

CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)

CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)

CHR Plugin: (Google Update) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File

CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)

CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.70.11) - C:\Windows\system32\npDeployJava1.dll No File

CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Version Plugin) - c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

CHR Plugin: (RealPlayer Download Plugin) - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

CHR Extension: (Adblock Plus) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-28]

CHR Extension: (Virtual piano) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohgcponedmbhgbbdinajeoapmoaifdj [2014-01-17]

CHR Extension: (timeStats) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejifodhjoeeenihgfpjijjmpomaphmah [2014-01-17]

CHR Extension: (Picditor Photo Editor) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggdplhaiiohpkafnlhlfikiomnboacoi [2014-01-17]

CHR Extension: (Google) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-01-17]

CHR Extension: (AdBlock) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-17]

CHR Extension: (IP-Adresse) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjndloejlcbpkholmagjbddfkjmmploh [2014-01-17]

CHR Extension: (JavaScript Popup Blocker) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-01-17]

CHR Extension: (RealDownloader) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-03-19]

CHR Extension: (Stealthy) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieaebnkibonmpbhdaanjkmedikadnoje [2013-09-28]

CHR Extension: (Facebook AdBlock) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa [2014-01-17]

CHR Extension: (Peanut Gallery) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhbgfmofpkinopfbafkklckgbkojgknp [2014-01-17]

CHR Extension: (Google Wallet) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-28]

CHR Extension: (Click&Clean App) - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-01-17]

CHR HKLM\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2014-01-17]

CHR HKLM\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2014-01-17]

CHR HKLM\...\Chrome\Extension: [hoadhbnmkdpkhaacbeegdnjoannbhdkd] - C:\ProgramData\Download and Sa\hoadhbnmkdpkhaacbeegdnjoannbhdkd.crx [2014-01-17]

CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2013-08-14]

CHR HKLM\...\Chrome\Extension: [nkcpopggjcjkiicpenikeogioednjeac] - C:\Users\artpc.artpc-PC\AppData\Local\Temp\nkcpopggjcjkiicpenikeogioednjeac.crx [2013-08-14]

CHR HKCU\...\Chrome\Extension: [bblnhhgpgomleanhbppdnkpofhjijgdp] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\bblnhhgpgomleanhbppdnkpofhjijgdp.crx [2013-08-14]

CHR HKCU\...\Chrome\Extension: [cgiaikfpllchefojlnehlmpekeogihnm] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\cgiaikfpllchefojlnehlmpekeogihnm.crx [2013-08-14]

CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2013-08-14]

CHR HKCU\...\Chrome\Extension: [naipdapbimiiikbbgjcpbgmfhnlbagpj] - C:\Users\artpc.artpc-PC\AppData\Local\CRE\naipdapbimiiikbbgjcpbgmfhnlbagpj.crx [2013-08-14]

CHR StartMenuInternet: Google Chrome - C:\Users\artpc.artpc-PC\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AdvancedSystemCareService5; C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [913752 2012-03-14] (IObit)

R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-12-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-26] (Avira Operations GmbH & Co. KG)

S3 BgRaSvc; C:\Program Files\BullGuard Ltd\BullGuard\Support\BgRaSvc.exe [122760 2013-04-01] (BullGuard Ltd.)

R2 BsBrowser; C:\Program Files\BullGuard Ltd\BullGuard\BsBrowser.dll [58248 2013-04-01] (BullGuard Ltd.)

R2 BsFileScan; C:\Program Files\BullGuard Ltd\BullGuard\BsFileScan.dll [272216 2013-04-01] (BullGuard Ltd.)

R2 BsFire; C:\Program Files\BullGuard Ltd\BullGuard\BsFire.dll [384344 2013-04-01] (BullGuard Ltd.)

R2 BsMailProxy; C:\Program Files\BullGuard Ltd\BullGuard\BsMailProxy\BsMailProxy.dll [175496 2013-04-01] (BullGuard Ltd.)

R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [171136 2013-04-01] (BullGuard Ltd.)

R3 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [305032 2013-04-01] (BullGuard Ltd.)

R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [357504 2013-04-01] (BullGuard Ltd.)

R2 FSCLBaseUpdaterService; C:\Program Files\Fujitsu Siemens Computers\FSCLounge\FSCWBaseUpdaterService\2\FSCWBaseUpdaterService.exe [65536 2007-06-04] ()

R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)

R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()

R2 Thorn; C:\Users\artpc.artpc-PC\AppData\Local\THORN\Thorn.exe [36664 2013-10-17] (GGS)
 

==================== Drivers (Whitelisted) ====================
 

R3 Afc; C:\Windows\System32\drivers\Afc.sys [18688 2006-11-10] (Arcsoft, Inc.)

R1 afw; C:\Windows\System32\DRIVERS\afw.sys [29208 2013-03-28] (Agnitum Ltd.)

R3 afwcore; C:\Windows\System32\DRIVERS\afwcore.sys [318488 2013-03-28] (Agnitum Ltd.)

S4 ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [173576 2008-05-27] (AMD Technologies Inc.)

S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [25856 2013-04-18] (Google Inc)

S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23168 2013-04-18] (LG Electronics Inc.)

S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [27776 2013-06-28] (LG Electronics Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-26] (Avira Operations GmbH & Co. KG)

R1 BdSpy; C:\Windows\System32\DRIVERS\BdSpy.sys [58592 2013-04-01] (BullGuard Ltd.)

S4 JRAID; C:\Windows\system32\drivers\jraid.sys [76688 2008-04-03] (JMicron Technology Corp.)

R3 LgBttPort; C:\Windows\System32\DRIVERS\lgbtport.sys [12160 2009-09-29] (LG Electronics Inc.)

R3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [10496 2009-09-29] (LG Electronics Inc.)

R3 LGVMODEM; C:\Windows\System32\DRIVERS\lgvmodem.sys [12928 2009-09-29] (LG Electronics Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)

S3 Profos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys [14720 2010-07-08] (BitDefender S.R.L.)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2010-11-26] ()

R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-02-24] (Avira GmbH)

S3 Trufos; C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\trufos.sys [39808 2010-07-08] (BitDefender S.R.L.)

R1 WINIO; C:\Windows\system32\WinIo.sys [9336 2007-01-04] (Internals.com - The best online resource for system programmers)

S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [x]

S3 IpInIp; system32\DRIVERS\ipinip.sys [x]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

S3 usbbus; system32\DRIVERS\lgusbbus.sys [x]

S3 UsbDiag; system32\DRIVERS\lgusbdiag.sys [x]

S3 USBModem; system32\DRIVERS\lgusbmodem.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-01-20 05:52 - 2014-01-20 05:52 - 00000792 _____ C:\Users\artpc.artpc-PC\Desktop\PowerOff XP.lnk

2014-01-20 05:52 - 2014-01-20 05:52 - 00000792 _____ C:\Users\Art\Desktop\PowerOff XP.lnk

2014-01-20 05:51 - 2014-01-20 05:52 - 00000000 ____D C:\Program Files\PowerOff XP

2014-01-20 05:38 - 2014-01-20 05:38 - 00001096 _____ C:\Windows\PFRO.log

2014-01-18 18:19 - 2014-01-18 18:19 - 00000000 ____D C:\Program Files\ESET

2014-01-18 00:22 - 2014-01-18 00:49 - 00000000 ____D C:\Program Files\Opera

2014-01-18 00:22 - 2014-01-18 00:22 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Opera Software

2014-01-18 00:22 - 2014-01-18 00:22 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\Opera Software

2014-01-17 20:31 - 2014-01-17 20:31 - 00004575 _____ C:\Users\artpc.artpc-PC\Desktop\JRT.txt

2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D C:\Windows\ERUNT

2014-01-16 21:26 - 2014-01-16 21:26 - 00000930 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Malwarebytes

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2014-01-16 21:26 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-01-16 14:58 - 2014-01-22 09:50 - 00000000 ____D C:\FRST

2014-01-15 02:59 - 2014-01-22 09:33 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN

2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet

2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr
 

==================== One Month Modified Files and Folders =======
 

2014-01-22 09:50 - 2014-01-16 14:58 - 00000000 ____D C:\FRST

2014-01-22 09:50 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\tracing

2014-01-22 09:46 - 2012-05-27 15:23 - 00000996 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000UA.job

2014-01-22 09:38 - 2013-03-28 20:56 - 00000000 ____D C:\ProgramData\BullGuard

2014-01-22 09:33 - 2014-01-15 02:59 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\THORN

2014-01-22 09:33 - 2013-03-28 21:52 - 00058832 _____ C:\Windows\system32\config\afw_hm.conf

2014-01-22 09:33 - 2013-03-28 21:52 - 00000004 _____ C:\Windows\system32\config\afw_db.conf

2014-01-22 09:33 - 2011-05-31 00:04 - 00065536 _____ C:\Windows\system32\Ikeext.etl

2014-01-22 09:33 - 2006-11-02 14:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2014-01-22 09:33 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-01-22 09:33 - 2006-11-02 13:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-01-22 09:22 - 2010-03-15 15:56 - 01414715 _____ C:\Windows\WindowsUpdate.log

2014-01-22 09:09 - 2013-02-18 16:55 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\vlc

2014-01-22 07:08 - 2013-02-18 16:54 - 00000865 _____ C:\Users\Public\Desktop\VLC media player.lnk

2014-01-21 15:37 - 2006-11-02 14:01 - 00032514 _____ C:\Windows\Tasks\SCHEDLGU.TXT

2014-01-20 19:46 - 2012-05-27 15:23 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1947843536-1629178341-672044078-1000Core.job

2014-01-20 05:52 - 2014-01-20 05:52 - 00000792 _____ C:\Users\artpc.artpc-PC\Desktop\PowerOff XP.lnk

2014-01-20 05:52 - 2014-01-20 05:52 - 00000792 _____ C:\Users\Art\Desktop\PowerOff XP.lnk

2014-01-20 05:52 - 2014-01-20 05:51 - 00000000 ____D C:\Program Files\PowerOff XP

2014-01-20 05:38 - 2014-01-20 05:38 - 00001096 _____ C:\Windows\PFRO.log

2014-01-18 21:16 - 2012-12-02 19:49 - 00000000 ____D C:\Program Files\DivX

2014-01-18 21:16 - 2011-01-06 00:44 - 00000000 ____D C:\ProgramData\DivX

2014-01-18 21:01 - 2008-01-21 08:16 - 01445546 _____ C:\Windows\system32\PerfStringBackup.INI

2014-01-18 19:02 - 2010-11-24 12:15 - 00000000 ____D C:\Program Files\Convar

2014-01-18 19:00 - 2010-11-24 12:07 - 00000000 ____D C:\Program Files\Rising Research

2014-01-18 18:19 - 2014-01-18 18:19 - 00000000 ____D C:\Program Files\ESET

2014-01-18 02:26 - 2011-05-14 09:05 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Audacity

2014-01-18 00:49 - 2014-01-18 00:22 - 00000000 ____D C:\Program Files\Opera

2014-01-18 00:49 - 2010-03-15 16:44 - 00000955 _____ C:\Users\artpc.artpc-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-01-18 00:22 - 2014-01-18 00:22 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Opera Software

2014-01-18 00:22 - 2014-01-18 00:22 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Local\Opera Software

2014-01-17 20:31 - 2014-01-17 20:31 - 00004575 _____ C:\Users\artpc.artpc-PC\Desktop\JRT.txt

2014-01-17 20:13 - 2014-01-17 20:13 - 00000000 ____D C:\Windows\ERUNT

2014-01-17 19:08 - 2013-10-24 19:59 - 00000000 ____D C:\AdwCleaner

2014-01-17 19:03 - 2013-09-21 18:42 - 00000392 ____H C:\Windows\Tasks\User_Feed_Synchronization-{F28FB0E6-C1A5-46AB-97DA-C5159556C201}.job

2014-01-17 18:17 - 2012-04-23 14:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-01-17 18:00 - 2013-03-19 14:55 - 00000440 _____ C:\Windows\Tasks\SpeedMaxPc Registration3.job

2014-01-17 04:09 - 2006-11-02 13:37 - 00000000 ____D C:\Windows\DigitalLocker

2014-01-17 04:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Branding

2014-01-17 04:03 - 2012-09-07 23:04 - 00000000 ____D C:\Users\Art\AppData\Roaming\Iminent

2014-01-16 21:26 - 2014-01-16 21:26 - 00000930 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\Malwarebytes

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\ProgramData\Malwarebytes

2014-01-16 21:26 - 2014-01-16 21:26 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware

2014-01-16 03:15 - 2008-08-14 03:01 - 00000000 ____D C:\ProgramData\Microsoft Help

2014-01-16 03:12 - 2013-08-15 14:26 - 00000000 ____D C:\Windows\system32\MRT

2014-01-16 03:04 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

2014-01-14 16:40 - 2014-01-14 16:40 - 00000000 ____D C:\Program Files\GameNet

2014-01-12 12:57 - 2013-05-01 20:11 - 00000000 ____D C:\Users\artpc.artpc-PC\AppData\Roaming\LG Electronics

2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\system32\GPhotos.scr

2013-12-24 02:30 - 2013-03-19 14:55 - 00000398 _____ C:\Windows\Tasks\SpeedMaxPc Update3.job
 

Some content of TEMP:

====================

C:\Users\artpc.artpc-PC\AppData\Local\Temp\avgnt.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\Quarantine.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup23156.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup28070.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\setup8773.exe

C:\Users\artpc.artpc-PC\AppData\Local\Temp\vlc-2.1.2-win32.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-22 09:40
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

C:\Programme\Eset\EsetOnlineScanner\log.txt
leider nicht zu finden! Nur esetsmartinstaller_deu.exe -dann wird ja das Programm erneut durchlaufen..

ich weiss nicht genau wie die anwendung heisst cp oder sowas. jedenfalls schlegen die zeiger von 14 bis 90 aus. kann man da was machen?

Zitat:

ich weiss nicht genau wie die anwendung heisst cp oder sowas. jedenfalls schlegen die zeiger von 14 bis 90 aus. kann man da was machen?

Meinst Du die CPU Auslastung, also Prozessor?